HR, ICT - How To Defend From Ransomware Attacks
Human Resources and IT workers are being urged to prepare businesses and organizations for what some cyber-security experts believe will be a sharp increase in ransomware attacks. This is when hackers use malware to infect, take over, and encrypt computer systems - locking out the rightful users and threatening to delete critical data unless a ransom is paid.
Previous ransom amounts ranged from US$100 to $500. More recently, it's been demanded in BitCoins, which are more difficult for law enforcement to trace.
But a recent ransomware attack on Hollywood Presbyterian Medical Center in Los Angeles went way beyond that while causing all sorts of trouble. The hospital eventually paid the equivalent of AU$23,700. The hackers took over patient records and shut down medical devices connected to the main system. Critically ill patients had to be transferred to another hospital until the situation was normalized. That attack was traced back to Turkish hackers.
"The sheer amount of costs to unlock your files has drastically increased," said Dodi Glenn, vice president of Cyber Security at PC Pitstop, a security software company based in Sioux City, Iowa.
Dell SecureWorks investigated two ransomware attacks so far this year, at a transportation company and a technology firm. In the latter case, the hackers controlled 30 percent of the unnamed firm's systems. Dell's Phil Burdette said, "It is obviously a group of skilled operators that have some amount of experience conducting intrusions."
Security firms Attack Research, InGuardians, and G-C Partners each said they had investigated three other similar attacks since December. That adds up to five, and all are attributed to Chinese hackers - although Beijing won't investigate unless it is presented with convincing proof the attacks originated from within China's borders.
So what can HR and IT departments do? Back-up and update, as often as possible.
"Update the browsers, update the operating systems, update the critical security patches, and update anti-virus software," said ID Theft Security CEO Robert Siciliano. "Make sure you have anti-virus, anti-phishing, anti-spyware and a firewall," he added.
"Encryption is especially important since, without an encryption key, hackers cannot access encrypted data," added attorney Laura Jehl, who specializes in privacy and data security at the global law firm Sheppard, Mullin, Richter & Hampton. "Have a data breach plan in place that contemplates the possibility of a ransomware attack and addresses business continuity, communications and restoration from backups. Know who you would call first, and store that contact information somewhere outside your company’s systems," she said.